This doesn’t look safe. Youre essentially allowing anything from any ip/domain to have the permission to go fullscreen. This can essentially be a malicious file as well. So you’ll basically be giving that file extended permissions which it can then exploit. Don’t forget that chrome also has a remote desktop…